CN1156117C - Method, apparatus and communication system for exchanging information in a pervasive environment

Info

Publication number: CN1156117C
Authority: CN (China)
Prior art keywords: channel, uni, wireless communication, directional wireless, radio broadcasting
Legal status: Expired - Fee Related
Application number: CNB991274474A
Other languages: Chinese (zh)
Other versions: CN1262563A (en)
Inventor: 里特·赫曼, 德克·胡塞曼
Current Assignee: International Business Machines Corp
Original Assignee: International Business Machines Corp

Classifications

    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • H04B13/005 Transmission systems in which the medium consists of the human body
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0492 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/18 Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/3215 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
    • H04W12/06 Authentication
    • H04W12/50 Secure pairing of devices
    • H04L2209/80 Wireless
    • H04L67/14 Session management
    • H04M1/72412 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories using two-way short-range wireless interfaces
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W4/06 Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
    • H04W76/10 Connection setup

Abstract

The present invention provides methods, apparatus, and communication systems for the exchange of information in a networked pervasive environment, with which an authenticated and secure session can be achieved. A first device and at least one remote second device are used. A unidirectional wireless communication channel between the first device and the remote second device is initiated, and a sequence is sent via this channel from the first device to the remote second device in order to furnish the remote second device with encryption information. An encrypted response, encrypted using said encryption information, is sent via a wireless broadcast medium to the first device.

Description

Method, apparatus and communication system for exchanging information in a pervasive environment
Technical field
The present invention relates to methods, apparatus, and communication systems for exchanging information in a networked pervasive environment. More particularly, the invention relates to a scheme that allows devices to carry out an authenticated and/or secure session.
Background technology
Computers, originally very large, very rare, and very isolated devices, have become smaller and smaller and easier to carry. Personal computers and peripherals are small enough to sit on a desk. Smaller still are laptop and notebook computers. There are terminals small enough to be mounted in a motor vehicle, such as a truck. Smaller still are handheld terminals, typically characterized by their portability, where a user can hold the terminal in one hand and operate it with the other. Physically connecting these devices by cable or optical fiber has drawbacks: configuration constraints caused by limited cable length, the limited number of ports on a computer (which limits the number of peripherals that can be attached), the trouble of reconfiguring hardware, and so on. Note that there are some peripheral interface systems in which a limited number of ports does not limit the number of peripherals on the computer. Universal Serial Bus (USB) and IEEE 1394 (FireWire) are examples of peripheral bus systems that can support many devices on a single port. Ethernet is an example of a communication system in which the cable is used as a shared medium (other examples are Token Ring, FDDI (Fiber Distributed Data Interface), and DQDB (Distributed Queue Dual Bus)).
The smaller the devices, the more important it becomes to replace fixed physical connections with wireless ad hoc connections (for example body networks, radio frequency connections, or infrared connections), because physically connecting terminals, peripherals, and other devices by cable or optical fiber severely reduces the efficiency gained by making the devices smaller. Ad hoc connections are needed where devices move around, entering one area and leaving another. The term ad hoc refers to the need for frequent network reorganization.
Local communication is rapidly developing into the so-called personal area network (PAN), a network for communication between local peers or subsystems. Such networks are referred to here as local networks. Wireless communication is particularly important in such local networks. Many different, well-known wireless communication methods have been developed and designed for communication between the peers or subsystems of such a local network.
A typical example of a local network is the personal area network (PAN), which grew out of the work of two research groups at the Massachusetts Institute of Technology (MIT) Media Lab. Because of its natural salinity, the human body is a good conductor of electricity, and PAN technology exploits this conductivity. It uses a tiny electric current to transmit a user's identity and other information from one person to another, or even to a variety of everyday objects such as cars, public telephones, and automated teller machines (ATMs). Information is sent by microprocessors placed in PAN transmitters and receivers about the size of a thick credit card. Digital data is then sent or received via a weak external electric field. The small signal is conducted by the body's natural salinity and carries the information through the body unnoticed. The low frequency and low power of the signal ensure that the personal information does not travel beyond the body and can be received only by something or someone in contact with it. The present transmission speed is equivalent to that of a 2400-baud modem. In theory, communication speeds of up to 400,000 bits per second could be reached with this method. The PAN is a typical example of an ad hoc body network that needs no attached cables or the like.
PAN technology has potential applications in business, medicine, retail, and even personal settings. For example, business partners could exchange electronic business cards with a handshake. Corporate security devices could automatically log users on to and off computer systems, and subway commuters with monthly passes could pay for a ride by walking through a turnstile. PAN technology would also allow people to carry digitally stored medical records for access by emergency medical personnel in an emergency; calling card numbers could automatically be passed from a wallet to a pay phone; and ATMs and automobiles could identify their owners immediately as they approach. Another field of application is traders, who need to log in and out of a trading platform for entering purchases and sales quickly and reliably. Even household appliances, such as CD players, televisions, and toasters, could use PAN technology to identify individuals and adapt to their preferences and tastes. A PAN is usually point-to-point, with the human body serving as a kind of broadcast communication medium.
GTE has developed a short-range radio frequency (RF) technology aimed at giving mobile devices, such as cell phones, pagers, and handheld personal computers (PCs), a smart way to communicate with one another. GTE's technology is tentatively named Body LAN (local area network). Body LAN was originally developed using a wired vest to which various devices were connected (hence the name Body LAN). A few years ago this was upgraded to an RF connection.
Xerox has developed a handheld computing device called PARC TAB. The PARC TAB is portable and is connected to an office workstation through base stations whose locations are known. The PARC TAB base stations are placed around a building and are wired into a fixed network. The PARC TAB system uses preset knowledge of the building layout and the identifiers of the various base stations to determine, from the strongest base station signal, which base station a device is near. The PARC TAB system assumes that a PARC TAB portable device is always connected to the network infrastructure. The location of each portable PARC TAB device is known to the system software. The base stations define regions and are connected to power supplies. The PARC TAB communication system has a star topology.
In an effort to standardize data communication between different PC devices, several companies, including Ericsson, IBM, Intel, Nokia, and Toshiba, established the Bluetooth alliance to create a global interoperability standard for RF-based connections between fixed, portable, and mobile devices. Many other companies have adopted the standard. The proposed standard comprises architecture and protocol specifications ranging from the physical layer up to the application layer. For example, the technology makes it possible, when users enter their own office, to automatically synchronize application information held in a mobile device with similar information held in a fixed desktop computer. Because Bluetooth technology seamlessly combines voice and data transmission over a wireless, short-range radio link, it allows users to connect to many devices easily and quickly without cables, thereby extending the communication capabilities of mobile computers, mobile phones, and other mobile devices. The Bluetooth operating environment is not yet fully defined, but it is likely to be similar to the IrDA (Infrared Data Association) standard and the Advanced Infrared (AIr) standard. Other aspects that may find their way into Bluetooth may stem from the IEEE 802.11 standard and/or HIPERLAN, as published by the European Telecommunications Standards Institute (ETSI).
Bluetooth wireless technology provides a mechanism for forming small, private, ad hoc groups of connected devices away from fixed network infrastructure. Bluetooth makes a clear distinction between a master unit and the slave units in the same network segment; the master unit is the device whose clock and hopping sequence are used to synchronize all other devices. In other words, the Bluetooth approach is centralized. A query-based discovery mechanism is used to find Bluetooth devices whose addresses are not known in advance. Queries are also centralized at a logon server. One drawback of such a centralized approach is that there is a central point of failure. Another drawback is that it requires more overhead than a distributed approach. The main problem of such a system is locating a single logon server, and what happens if that logon server disappears? If two devices meet at random, they must first recognize each other's presence, then decide which of them is the logon server, and only then carry out their communication. It is this continual election and re-election of a leader that causes the increased overhead. The alternative is to expect users to carry a device that they always have with them and to make it the leader at all times. This, however, is not a practical option.
The Infrared Data Association (IrDA) is an association of more than 150 companies worldwide whose purpose is to provide infrared standards and specifications that ensure the quality and interoperability of infrared technology. IrDA-D is the infrared data transmission standard; its data transmission distance can exceed 1 meter, and its speed is to be upgraded from 115 kb/s to 4 Mb/s or 16 Mb/s in the near future. It supports a wide range of hardware and software platforms. IrDA Data defines a standard for an interoperable, universal, two-way cordless infrared data port and is recommended for high-speed, short-range, line-of-sight, point-to-point cordless data transfer. The IrDA data protocols comprise a set of mandatory protocols and optional protocols. The initial specification, however, showed some shortcomings and restricted data communication: only one pair of devices can communicate in the same infrared space. In a cooperation between Hewlett-Packard and IBM, a further standard called Advanced Infrared (AIr) was developed, which defines a next-generation infrared data communication system. AIr is recommended for in-room multipoint-to-multipoint connectivity. Distance and data rate vary from 250 kb/s at 8 meters to 4 Mb/s at 4 meters. It is designed for cordless connection of multiple peripherals and for meeting-room collaboration applications. For details about IrDA, see the IrDA website at http://www.irda.org.
HomeRF (based on the Shared Wireless Access Protocol (SWAP)) is another example of an operating environment that can be used to connect devices. The HomeRF working group was formed to provide the basis for interoperability among a broad range of consumer devices by establishing an open industry specification for wireless digital communication between PCs and consumer electronic devices in and around the home. The working group, which includes leading companies from the personal computer, consumer electronics, peripherals, communications, software, and semiconductor industries, is developing a specification for wireless communication in the home called SWAP. The HomeRF SWAP system is designed to carry both voice and data traffic and to interoperate with the public switched telephone network (PSTN) and the Internet; it operates in the 2400 MHz band and uses digital frequency-hopping spread spectrum radio. The SWAP technology was derived from extensions of existing cordless telephone (DECT) and wireless LAN technology to enable a new class of home cordless services. It supports a time division multiple access (TDMA) service to deliver interactive voice and other time-critical traffic, and a carrier sense multiple access/collision avoidance (CSMA/CA) service to deliver high-speed packet data. The SWAP system can operate either as an ad hoc network or as a managed network under the control of a connection point. In an ad hoc network, which supports data communication only, all stations are equal and control of the network is distributed among the stations. For time-critical communication such as interactive voice, the connection point, which provides the gateway to the PSTN, is required to coordinate the system. Stations use CSMA/CA to communicate with a connection point and with other stations. For further details about HomeRF, see the website of the Home Radio Frequency working group at http://www.homerf.org. The entire SWAP standard 1.0 is incorporated here by reference.
Transmitted information is often intended only for a specific receiver and not for everyone. Encryption methods are useful and helpful for ensuring secure and authorized communication. A cryptosystem is a system for sending a message from a sender to a receiver over a medium in such a way that the message is "secure", meaning that only the intended receiver can recover the message. The cryptosystem converts the message, also called plaintext, into an encrypted form called ciphertext. Encryption is accomplished by manipulating or transforming the message using one or more cryptographic keys. The receiver decrypts the message by converting the ciphertext back into plaintext, which is done by reversing the manipulation or transformation using one or more cryptographic keys. Such an encrypted transmission is secure as long as only the sender and the receiver know the key. Several cryptosystems have been proposed in the past, for example public key cryptosystems. In a public key cryptosystem, a private key is always mathematically linked to a public key. Well-known public key cryptosystems in use are, for example, Diffie-Hellman key agreement, the RSA method, and the ElGamal method. R. Cramer and V. Shoup have proposed a non-malleable public key cryptosystem that is provably secure against adaptive chosen ciphertext attack.
Summary of the invention
An object of the present invention is to provide a method for exchanging information between devices in a networked pervasive environment.
Another object of the present invention is to provide a method for identifying a communication peer.
Another object of the present invention is to provide a method for establishing an authenticated communication session between at least two devices.
Another object of the present invention is to provide a method for establishing a secure communication session between at least two devices, so as to ensure that private information is not disclosed.
The present invention relates generally to local networks and, more particularly, to the establishment of an authenticated and/or secure communication session. A scheme is proposed that allows locally distributed services to establish a session and to exchange information over that session. Such a session is used for data communication between functional units or devices; the term "session" refers to all activity that takes place during the establishment, maintenance, and release of a connection. According to the present invention, at least two devices take part in a session carried out in a networked pervasive computing environment.
A first aspect of the present invention provides a method for providing an authenticated communication session between a first device and at least one remote second device, comprising the steps of: initiating a unidirectional wireless communication channel between the first device and the remote second device; sending a sequence from the first device to the remote second device via the unidirectional wireless communication channel in order to furnish the remote second device with encryption information; and sending an encrypted response, encrypted using the encryption information, to the first device via a wireless broadcast medium.
A second aspect of the present invention provides an apparatus for providing an authenticated communication session with at least one remote device, comprising: an initiator for sending a sequence to the remote device via a unidirectional wireless communication channel; a receiver for receiving encrypted information from the remote device via a wireless broadcast medium; and a cryptosystem that provides encryption information suitable for transmission to the remote device via the unidirectional wireless communication channel, whereby the receiver can receive, via the wireless broadcast medium, encrypted information that can be processed by the cryptosystem.
A third aspect of the present invention provides an apparatus for providing an authenticated communication session with at least one device, comprising: an initiation receiver for receiving a sequence from the device via a unidirectional wireless communication channel in order to obtain encryption information; a cryptosystem for processing the encryption information; and a transmitter for sending encrypted information to the device via a wireless broadcast medium.
A fourth aspect of the present invention provides a communication system for providing an authenticated communication session between a first device and a second device, each device having a cryptosystem for encoding and decoding information. The first device comprises an initiator and a first transceiver: the initiator sends a sequence to the second device via a unidirectional wireless communication channel in order to give the encryption information to the second device, and the first transceiver is used for encrypted communication between the first and second devices via a wireless broadcast medium. The second device comprises an initiation receiver and a second transceiver: the initiation receiver receives the sequence from the first device via the unidirectional wireless communication channel in order to obtain the encryption information, and the second transceiver is used for encrypted communication between the first and second devices via the wireless broadcast medium.
The basic idea is that a user wishes to establish a session, authorized by that user, between a first device and a second device. The first device is a personal device carried by the user, for example a personal assistant; the second device is, for example, a service device in the user's vicinity. A direct short-range communication link is used to initiate a communication session. Over it, the first device sends encryption information and/or communication parameters to the target device. The target device, i.e. the second device, in turn uses the received information and parameters to establish a wireless broadcast connection to the initiating device, i.e. the first device. A further aspect of the invention is the establishment of a key that secures the session and controls the time frame of the communication between the personal device and the service device.
To set up an authenticated session between the user's personal device and a service unit, for example a banking terminal, the user points the personal device at the service unit, or at least in its direction, and transmits through a uni-directional wireless communication channel, for example an infrared channel, a sequence or initiation sequence comprising a password, a public key, a session key, flag parameters and/or a communication parameter. After receiving the sequence, the service unit responds by sending back, through a radio broadcasting medium, encrypted information that only the personal device can decrypt and use. The response may comprise information, a key, a further session key and communication parameters from the service unit, for use in further communication through the radio broadcasting medium. The personal device receives the encrypted information.
For a secure session through the radio broadcasting medium, keys are exchanged. Encrypted communication can then be carried out through the radio broadcasting medium.
Which device sends the communication parameters or the session key is unimportant.
The requirement that the personal device be pointed in the direction of the service unit provides an instinctive (intuitive) way of selecting a communication partner. People are used to pointing at things from childhood. Pointing also has the advantage that a communication target is selected unambiguously; for example, with a PAN link the user has to actually touch the communication target, and with a laser link a communication partner can be selected intuitively.
If the two devices share the same radio broadcasting medium and are part of a local network, there is the following advantage: a session that has been initiated can continue even if the user carrying the personal device changes position by going to another room or floor. This is very useful when the personal device downloads large files or communicates with the service unit for a long time. An infrared (IR) channel or a radio-frequency (RF) channel, in particular an IrDA channel, a HomeRF channel, a Bluetooth channel, a personal area network (PAN) channel, an acoustic channel, or any other channel that lets the user move over a wide range can be used as the radio broadcasting medium.
To activate a communication session and to send an initiation sequence that may contain sensitive information, the uni-directional wireless communication channel can ensure that only the target device receives the initiation sequence. A directional channel such as a line-of-sight link is particularly advantageous, because no other party can eavesdrop on and receive the initiation sequence. Such a channel can be an optical channel, for example an infrared or laser channel, a personal area network (PAN) channel, a directional radio-frequency (RF) channel, an inductive channel, a capacitive channel, or any channel suitable for a short-range, directional communication link.
If the service unit signals that it has received the sequence from the personal device, there is an advantage: the user gets feedback and knows that the service unit is ready for further communication. This can be indicated by an optical and/or acoustic signal from a lamp, an LED or a loudspeaker.
When the service unit periodically listens for a sequence from a personal device, the advantage is that a transmitted sequence can be handled immediately.
If the personal device is connected to the user, for example through a PAN, setting up communication becomes very simple, because the user can then touch the service unit in an intuitive way and activate the uni-directional wireless communication channel through his or her body. No additional card or other item is needed to set up an authenticated session.
If the response and the further communication through the radio broadcasting medium are protected by a cryptographic system, there is the following advantage: the exchanged information is well hidden and cannot be recovered by others. A suitable system is a public key system in which the public keys are exchanged only once.
Another advantage of the invention is that, in the case of a wireless unidirectional link, the personal device does not need to be in direct contact with the service unit. For example, a bank card, a smart card, or any other card in the personal device or in several personal devices can download or upload information, for example e-mail, data or order amounts, from a considerable distance. The card does not need to be placed in a device or a reader, which avoids errors, saves entering a PIN code and saves time.
When the user is near or in front of a service unit, a secure session can be carried over a long distance in a secure way. Service units can be installed wherever they are needed, for example in banks, offices, warehouses, shopping centers and outside buildings, to name only a few examples. This gives the user greater independence and freedom of movement. For example, a service unit can be placed near a concert advertisement. A user who is waiting at a train station and sees the advertisement can then buy a ticket for the concert and pay for it. The ticket can be stored electronically on a card or in the personal device and uploaded at the entrance to the concert. The user does not have to queue at a ticket office and cannot forget to buy a ticket.
Description of drawings
The invention is described in more detail below with reference to the following figures.
Fig. 1 shows a schematic diagram of an application according to the invention, in which a user wishes to set up an authenticated session between his personal device and a remote service unit.
Fig. 2 shows a more detailed view of Fig. 1.
Embodiment
For simplicity, the figures are not drawn to actual size, and the relative dimensions are not true to scale either.
For the description of the invention, the term pervasive computing environment is defined as an environment in which portable information devices and fixed information devices communicate by wireless network technology. Communication between devices in such an environment is based on local proximity. The distance over which these devices begin to communicate is very small, so a session can only be started when the devices are close to each other. Further, the establishment of a communication relationship is temporary in nature: whenever two devices are close to each other, communication at the physical layer can take place. The user of such a device needs to control the information flow, particularly when sensitive information such as credit card details or authentication information is involved. A similar problem is session control, for which a mechanism is described.
In the context of the invention, a local network is defined as a network comprising at least two devices that are within communication range of each other. In such a local network the devices communicate with each other without needing a wired network. A local network does not need to be connected to an access point of a fixed network. The local network can be completely isolated from any other network, or it can comprise one or more access points that give the devices access to a wired network.
The particular range that constitutes a local network according to the invention depends on actual implementation details. In general, the coverage of a local network can be described as several square meters to several hundred square meters. Under specific circumstances the communication range can be larger.
The network method of the invention can be used in warehouses, workshops, offices, exchanges, private homes, automobiles and trucks, aircraft, around buildings and so on, to name only some examples.
The term device refers to any kind of device that can be a member of a local network. Examples of devices are: desktop computers, workpads, nodepads, personal digital assistants (PDAs), notebooks and other portable computers, desktop computers, terminals, network computers, internet terminals and other computer systems, set-top boxes, cash registers, bar code scanners, point-of-sale terminals, phone booth systems, cell phones, pagers, wrist watches, digital watches, identity badges, smart cards and other hand-held and embedded devices. Other devices considered include: headsets, human interface device (HID) compliant peripherals, data and voice access points, cameras, printers, fax machines, keyboards, joysticks, kitchen appliances, tools, sensors such as smoke and/or fire detectors, and in fact any other digital device.
Other examples of portable computers that can be used with the invention are personal belongings equipped with computer-like hardware, for example a "smart wallet" computer, jewelry, or articles of clothing. Besides the "smart wallet" computer, there are many other forms of portable computer. A "belt" computer is one such variation; it allows the user to surf, dictate and edit documents while moving around. Another example is a children's computer, which is comparable to a personal digital assistant for primary-school children. The children's computer can hold assignments, perform calculations and help children manage their homework. It can communicate with other children's computers for collaboration, and it can access a teacher's computer to download assignments or feedback. Any wearable or portable device, any office tool or equipment, home tool or equipment, system for use in motor vehicles, or system for public use (vending machines, automatic machines, ATMs and so on) can be used in the context of the invention.
Network topology: the method of the invention can be used in local networks and can support point-to-point and/or point-to-multipoint connections. Several network segments (groups) can be set up temporarily and linked together. The network topology is at a lower level than the subject of the invention and is addressed only where necessary. Note that the invention is independent of the network topology and can be used with any kind of network topology that allows broadcasting.
Network technology: the method of the invention can be used with any kind of communication technology, for example RF, IR or other optical technology, body networks (for example PAN) and similar technologies.
An exemplary embodiment of the invention (first embodiment) is described below with reference to Fig. 1 and Fig. 2. Fig. 1 shows, as a simple example, a user 7 who wishes to set up an authorized session 8 in order to exchange information between a first device 1 in the user's hand and a second device 2 near the user. To carry out the exchange, the user 7 physically points the first device 1 in the direction of the second device 2 to activate a connection. The first device 1 sends a sequence 5 carrying encryption information through a uni-directional wireless communication channel 3 to the target device, the second device 2. It is advantageous if the uni-directional wireless communication channel 3 is set up as a secure, directional line-of-sight link, for example an infrared channel, because no other party can then eavesdrop on the link. The second device, which can be a printer or another person's device, receives the sequence 5, comprising a password, a key, a communication parameter or a flag parameter, and uses the received information to establish the desired authenticated session 8 with the user's first device 1. A radio broadcasting medium 4 is used for this purpose.
Fig. 2 refers to Fig. 1 and shows the arrangement in more detail. The first device 1 comprises an initialization device 10, a first transceiver 11 and a first cryptographic system 15. All these units are connected to a first processing unit 16, which is in turn connected to other units that are not shown for simplicity. The first transceiver 11 has a first radio receiver 12 and a first broadcast transmitter 13. The second device 2 comprises an initial receiver 20, a second transceiver 21 and a second cryptographic system 25. All these units of the device 2 are connected to a second processing unit 26, which is in turn connected to units for data processing, or even to a network; for simplicity, these other units and the network are not shown. The second transceiver 21 has a second broadcast transmitter 22 and a second radio receiver 23. Further, the second device 2 has a signalling device 30, here an LED. The LED 30 is connected to the CPU 26. The task of the two cryptographic systems 15, 25 is to encrypt and decrypt information, so as to hide and protect the information that is exchanged.
To provide authentication, the method of the invention uses a public key approach. This means that a first party uses a private key and a cryptographic algorithm to produce a public key and sends the public key, which may be known to others, to a second party. The second party then, for example, encrypts information using the received public key. The encrypted information is sent back over an insecure medium or channel, for example a radio broadcasting medium such as a radio-frequency (RF) channel. Only the first party can decrypt the information, using its private key.
The initiation method according to the invention works as follows. The user 7, who is not shown in Fig. 2 for simplicity, uses the initialization device 10 to send, from the first device 1 through the uni-directional wireless communication channel 3, here a directional IR channel, a sequence 5 comprising an initial token $T_{init}$ to the second device 2. The initial token $T_{init}$ comprises a public key $K_P^{pub}$ of the first device 1 and a randomly chosen nonce $nonce_p$. Because the initial token $T_{init}$ is sent through the uni-directional wireless communication channel 3, only the dedicated second device 2 can receive and respond to it. If the second device 2 receives the sequence 5 at the initial receiver 20 and the second processing unit 26 is notified of the transmitted sequence 5, the LED 30 is then triggered by the first CPU 16 and signals to the user 7 that the second device 2 is ready and that a communication session can begin. At all times the session is controlled by the user, which means that the user can stop the session immediately. Normally, the second device 2 responds to the received initial token $T_{init}$ by using the radio broadcasting medium 4, here a radio-frequency (RF) channel, to send a public key token $T_{pub}$ from the second broadcast transmitter 22 to the first device 1 as response 6. The public key token $T_{pub}$, produced by the second cryptographic system 25, comprises the concatenation of the public key $K_S^{pub}$ of the second device 2 with the received $nonce_p$; the public key token $T_{pub}$ is encrypted using the public key $K_P^{pub}$ of the first device 1 received in the initial token $T_{init}$. Finally, the first device 1 receives the response 6 at the first main receiver 12, processes it using the first processing unit 16 and the first cryptographic system 15, and uses the first broadcast transmitter 13 to send a communication sequence 9 comprising a communication parameter token $T_{com}$. The communication sequence 9 is also sent through the radio broadcasting medium 4 and is received by the second radio receiver 23 of the second device 2. The communication parameter token $T_{com}$ is encrypted with the received public key $K_S^{pub}$ of the second device 2.
The exchanged tokens can be expressed mathematically as follows:
$$T_{init} = K_P^{pub} \,\|\, nonce_p$$
$$T_{pub} = [K_S^{pub} \,\|\, nonce_p]_{K_P^{pub}}$$
$$T_{com} = [Com]_{K_S^{pub}}$$
The first cryptographic system 15 provides the initial token $T_{init}$ and the communication parameter token $T_{com}$, and the second cryptographic system 25 provides the public key token $T_{pub}$.
Subsequent communication between the first device 1 and the second device 2 takes place through the radio broadcasting medium 4, using the first transceiver 11 and the second transceiver 21, with the communication parameters defined by the first device 1.
The first embodiment above describes an authenticated session. For exchanging sensitive information such as credit card information, however, authentication alone is not enough: a secure, private communication link is needed between the first device 1 and the second device 2. A second embodiment achieves this by including in the communication parameter token $T_{com}$ an encrypted session key $K_P^{sess}$ produced by the first cryptographic system 15 of the first device 1. Every subsequent communication between the two devices is encrypted with the session key $K_P^{sess}$.
A further embodiment builds on the first and second embodiments. Communication between the first device 1, as a personal device, and the second device 2, as a service unit, usually takes place in a specific, time-limited context. To prevent the service unit 2 from reusing the initial token $T_{init}$ again and again, an expiration date $T_{init}^{D}$ is appended to the initial token $T_{init}$. Both are sent in the initiation sequence 5. The personal device 1 responds to the public key token $T_{pub}$ only if the expiration date $T_{init}^{D}$ appended to the initial token $T_{init}$ has not yet passed.
Another embodiment is a variation of the above embodiment. Similarly to the expiration date $T_{init}^{D}$, an expiration date $T_{sess}^{D}$ is appended to the session key $K_P^{sess}$ produced by the personal or first device 1 and is sent through the radio broadcasting medium 4. The expiration date $T_{sess}^{D}$ gives the responding device 2 a defined response time limit. If the limit has passed, no further transmission takes place and the session is terminated. This helps to save power in mobile devices and improves security.
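The token exchange of the first embodiment, together with the session key of the second embodiment and the expiration date of the initial token, as an added Python example that is not part of the patent text. The public-key cipher is a stand-in (hashed ElGamal over 2**521 - 1, standard library only), and the class names, field names, token layout, sizes, the 30-second lifetime and the sample parameter `rf-channel=7` are all assumptions.

```python
import hashlib
import hmac
import secrets

# Stand-in public-key cipher (assumption: the patent names no algorithm):
# hashed ElGamal over the Mersenne prime 2**521 - 1, standard library only.
# It makes the token flow runnable; it is not a vetted cryptosystem.
P, G, NBYTES = 2**521 - 1, 3, 66
NONCE_LEN, KEY_LEN, TAG_LEN = 16, 32, 32   # assumed sizes

def keygen():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def _kdf(shared):
    return hashlib.sha256(shared.to_bytes(NBYTES, "big")).digest()

def _xor_stream(key, data):
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(pub, msg):
    """Return msg encrypted under pub, with an integrity tag."""
    r = secrets.randbelow(P - 3) + 2
    c1 = pow(G, r, P).to_bytes(NBYTES, "big")
    key = _kdf(pow(pub, r, P))
    body = _xor_stream(key, msg)
    return c1 + body + hmac.new(key, c1 + body, hashlib.sha256).digest()

def decrypt(priv, blob):
    if len(blob) < NBYTES + TAG_LEN:
        raise ValueError("token too short")
    c1, body, tag = blob[:NBYTES], blob[NBYTES:-TAG_LEN], blob[-TAG_LEN:]
    key = _kdf(pow(int.from_bytes(c1, "big"), priv, P))
    good = hmac.new(key, c1 + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("token not encrypted for this key")
    return _xor_stream(key, body)

class PersonalDevice:
    """First device 1: starts the session over the line-of-sight channel 3."""
    def __init__(self):
        self.priv, self.pub = keygen()
        self.nonce = self.expires = self.session_key = None

    def make_t_init(self, now, lifetime=30):
        # T_init = K_P^pub || nonce_p, with expiration date T_init^D appended.
        self.nonce = secrets.token_bytes(NONCE_LEN)
        self.expires = now + lifetime
        return {"k_p_pub": self.pub, "nonce": self.nonce, "expires": self.expires}

    def handle_t_pub(self, t_pub, now, com=b"rf-channel=7"):
        # Answer T_pub only while T_init^D has not passed and the nonce is unused.
        if self.nonce is None or now > self.expires:
            raise ValueError("no valid initial token (expired or already used)")
        plain = decrypt(self.priv, t_pub)
        k_s_pub, echoed = int.from_bytes(plain[:NBYTES], "big"), plain[NBYTES:]
        # Only a device that received sequence 5 on channel 3 knows nonce_p.
        if not hmac.compare_digest(echoed, self.nonce):
            raise ValueError("nonce mismatch")
        self.nonce = None
        self.session_key = secrets.token_bytes(KEY_LEN)   # K_P^sess
        # T_com = [K_P^sess || Com] encrypted under K_S^pub (second embodiment).
        return encrypt(k_s_pub, self.session_key + com)

class ServiceDevice:
    """Second device 2: answers over the radio broadcasting medium 4."""
    def __init__(self):
        self.priv, self.pub = keygen()

    def handle_t_init(self, t_init):
        # T_pub = [K_S^pub || nonce_p] encrypted under K_P^pub.
        plain = self.pub.to_bytes(NBYTES, "big") + t_init["nonce"]
        return encrypt(t_init["k_p_pub"], plain)

    def handle_t_com(self, t_com):
        plain = decrypt(self.priv, t_com)
        return plain[:KEY_LEN], plain[KEY_LEN:]   # (K_P^sess, Com)

def run_exchange(now=1000.0):
    """Full exchange with constructed values; returns (keys_match, Com)."""
    person, service = PersonalDevice(), ServiceDevice()
    t_init = person.make_t_init(now)             # channel 3 (e.g. infrared)
    t_pub = service.handle_t_init(t_init)        # medium 4 (e.g. RF)
    t_com = person.handle_t_pub(t_pub, now + 1)  # medium 4
    key, com = service.handle_t_com(t_com)
    return key == person.session_key, com

def reply_without_nonce(k_p_pub):
    """A T_pub built by a device that knows K_P^pub but never saw nonce_p."""
    _, other_pub = keygen()
    guess = secrets.token_bytes(NONCE_LEN)
    return encrypt(k_p_pub, other_pub.to_bytes(NBYTES, "big") + guess)

if __name__ == "__main__":
    print(run_exchange())
```

The nonce echo is what ties the broadcast response to the directional channel: a reply encrypted under the correct public key but without the nonce is rejected, as is a correct reply that arrives after the expiration date or reuses a nonce.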
The transmission of the sequence 5 with the initial token $T_{init}$ through the wireless communication channel 3 to the service unit 2 should be under the explicit control of the user 7. Depending on the technology used for the uni-directional wireless communication channel 3, different methods can be used to solve this problem. Communication through the uni-directional wireless communication channel 3, called one-way channel 3 below for short, is disabled by default. When the one-way channel 3 is the optical link of a laser pointer, the following two-stage process solves the problem: (1) the user 7 activates the laser by pressing a first button and, by visually checking the light spot that the laser beam forms on the surface of the target, aims the laser in the required direction; (2) when the user 7 is sure that the laser beam is on target, he presses a second button to actually transmit the sequence 5 with the initial token $T_{init}$ to the target device 2. When the one-way channel 3 is based on PAN technology, the following two-stage process solves the problem: (1) the user 7 enables the one-way channel 3 by pressing a first button; once activated, the one-way channel 3 stays active for a limited time $\delta T$, during which the user 7 has the opportunity to transmit the sequence 5 through the directional channel 3 by touching a PAN-enabled surface; (2) the user 7 touches the PAN-enabled surface to actually transmit the sequence 5 through the one-way channel. As soon as $\delta T$ has elapsed, communication through the one-way channel 3 is closed, which prevents any further accidental exchange of information.
An extension of the activation is that the user can prolong the said time limit T by repeatedly pressing the first button of the personal device.
In addition, the personal device should provide a similar means for immediately closing the common wireless communication channel 3.
Any of the disclosed embodiments can be combined with one or more of the other embodiments shown and/or described. The same applies to one or more features of the invention.

Claims (27)

1. A method for providing an authenticated communication session between a first device (1) and at least one remote second device (2), comprising the steps of:
activating a uni-directional wireless communication channel (3) between the first device (1) and the remote second device (2);
sending a sequence (5) from the first device (1) to the remote second device (2) through the uni-directional wireless communication channel (3) in order to provide encryption information to the remote second device (2); and
sending an encrypted response (6), encrypted using the encryption information, to the first device (1) through a radio broadcasting medium (4).
2. The method of claim 1, wherein the two devices (1, 2) share the radio broadcasting medium (4) and are part of a local network.
3. The method of claim 1, wherein the uni-directional wireless communication channel (3) is an optical channel, a personal area network channel, a directional radio-frequency channel, an inductive channel, or a capacitive channel.
4. The method of claim 1, wherein the uni-directional wireless communication channel (3) is a directional channel.
5. The method of claim 4, wherein the directional uni-directional wireless communication channel (3) is a line-of-sight link.
6. The method of claim 1, wherein an initialization device (10) of the first device (1) is arranged to point the uni-directional wireless communication channel (3) at the second device (2).
7. The method of claim 1 or 2, wherein the radio broadcasting medium (4) is an optical channel, an acoustic channel, a radio-frequency channel, a HomeRF channel, a Bluetooth channel, or a personal area network channel.
8. The method of claim 1, wherein the communication distance of the uni-directional wireless communication channel (3) can be up to several meters, and the communication distance of a channel of the radio broadcasting medium (4) is equal to or greater than the communication distance of the uni-directional wireless communication channel (3).
9. The method of claim 1, wherein only the remote second device (2) can receive the sequence (5).
10. The method of claim 1, wherein the remote second device (2) uses an optical or acoustic signal to signal that the sequence (5) from the first device (1) has been received.
11. The method of claim 1, wherein the remote second device (2) periodically listens for the sequence (5).
12. The method of claim 1, wherein the first device (1) is connected to a user (7), and the user (7) touches the remote second device (2) to activate the uni-directional wireless communication channel (3) through the user's body.
13. The method of claim 1, wherein one of the two devices (1, 2) sends at least one communication parameter and/or a session key.
14. The method of claim 1, wherein the response (6) through the radio broadcasting medium (4) is protected using a public key cryptosystem.
15. The method of claim 1, wherein the encryption information comprises a password and/or a public key.
16. A device for providing an authenticated communication session with at least one remote device (2), comprising:
an initialization device (10) for sending a sequence (5) through a uni-directional wireless communication channel (3) to the remote device (2);
a receiver (12) for receiving encrypted information from the remote device (2) through a radio broadcasting medium (4); and
a cryptographic system (15) providing encryption information suitable for transmission to the remote device (2) through the uni-directional wireless communication channel (3), whereby the receiver (12) can receive, through the radio broadcasting medium (4), encrypted information that can be processed by the cryptographic system (15).
17. The device of claim 16, further comprising a transmitter (13) capable of sending encrypted information through the radio broadcasting medium (4).
18. The device of claim 16, wherein the initialization device (10) sends the sequence (5) through the uni-directional wireless communication channel (3) over a communication distance of several meters.
19. A device for providing an authenticated communication session with at least one device (1), comprising:
an initial receiver (20) for receiving a sequence (5) from the device (1) through a uni-directional wireless communication channel (3) in order to obtain encryption information;
a cryptographic system (25) for processing the encryption information; and
a transmitter (22) for sending encrypted information to the device (1) through a radio broadcasting medium (4).
20. The device of claim 16 or 19, wherein the radio broadcasting medium (4) is an optical channel, an acoustic channel, a radio-frequency channel, a HomeRF channel, a Bluetooth channel, or a personal area network channel.
21. The device of claim 16 or 19, wherein the communication distance of the radio broadcasting medium (4) is equal to or greater than the communication distance of the uni-directional wireless communication channel (3).
22. The device of claim 19, further comprising a signalling device (30) for signalling by optical and/or acoustic means that the sequence (5) has been received.
23. The device of claim 19, wherein the initial receiver (20) periodically listens for the sequence (5).
24. A communication system for providing an authenticated communication session between a first device (1) and a second device (2), each device having a cryptographic system (15, 25) for encoding and decoding information, wherein
the first device (1) comprises an initialization device (10) and a first transceiver (11), the initialization device (10) being used to send a sequence (5) through a uni-directional wireless communication channel (3) to the second device (2) in order to give encryption information to the second device (2), and the first transceiver (11) being used for encrypted communication between the first and second devices (1, 2) through a radio broadcasting medium (4); and
the second device (2) comprises an initial receiver (20) and a second transceiver (21), the initial receiver (20) being used to receive the sequence (5) from the first device (1) through the uni-directional wireless communication channel (3) in order to obtain the encryption information, and the second transceiver (21) being used for encrypted communication between the first and second devices (1, 2) through the radio broadcasting medium (4).
25. The communication system of claim 24, wherein one of the two devices (1, 2) can send a communication parameter and/or a session key.
26. The communication system of claim 24, wherein the two devices (1, 2) share the radio broadcasting medium (4) and are part of a local network.
27. The communication system of claim 24, wherein the initialization device (10) of the first device (1) is adjustable so that the uni-directional wireless communication channel (3) points at the second device (2) through a line-of-sight link.
CNB991274474A 1999-01-27 1999-12-30 Method, apparatus and communication system for exchanging message in all over environment Expired - Fee Related CN1156117C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP99101457.2 1999-01-27
EP99101457A EP1024626A1 (en) 1999-01-27 1999-01-27 Method, apparatus, and communication system for exchange of information in pervasive environments

Publications (2)

Publication Number Publication Date
CN1262563A CN1262563A (en) 2000-08-09
CN1156117C true CN1156117C (en) 2004-06-30

Family

ID=8237423

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB991274474A Expired - Fee Related CN1156117C (en) 1999-01-27 1999-12-30 Method, apparatus and communication system for exchanging message in all over environment

Country Status (5)

Country Link
EP (1) EP1024626A1 (en)
JP (1) JP2000224156A (en)
KR (1) KR100357271B1 (en)
CN (1) CN1156117C (en)
CA (1) CA2296223C (en)

JP3915481B2 (en) 2001-11-14 2007-05-16 セイコーエプソン株式会社 Wireless communication device
JP3937820B2 (en) 2001-11-27 2007-06-27 セイコーエプソン株式会社 Wireless network adapter
JP4005348B2 (en) 2001-12-12 2007-11-07 富士通テン株式会社 Wireless terminal
WO2003061205A1 (en) * 2002-01-10 2003-07-24 Fujitsu Limited Shor-distance wireless communication system using mobile terminal and wireless communication device therefor
US7937089B2 (en) 2002-02-06 2011-05-03 Palo Alto Research Center Incorporated Method, apparatus, and program product for provisioning secure wireless sensors
US20030149874A1 (en) 2002-02-06 2003-08-07 Xerox Corporation Systems and methods for authenticating communications in a network medium
US7477743B2 (en) 2002-02-07 2009-01-13 Nokia Corporation Hybrid network encrypt/decrypt scheme
US7487362B2 (en) * 2002-02-15 2009-02-03 Qualcomm, Inc. Digital authentication over acoustic channel
US7966497B2 (en) 2002-02-15 2011-06-21 Qualcomm Incorporated System and method for acoustic two factor authentication
US7352996B2 (en) * 2002-03-29 2008-04-01 Ncr Corporation System and method for coupling users to a retail computer system with low risk of eavesdropping
US6880079B2 (en) 2002-04-25 2005-04-12 Vasco Data Security, Inc. Methods and systems for secure transmission of information using a mobile device
US7401224B2 (en) 2002-05-15 2008-07-15 Qualcomm Incorporated System and method for managing sonic token verifiers
CN1742463A (en) * 2002-07-15 2006-03-01 皇家飞利浦电子股份有限公司 Method and system for communicating wirelessly between devices
EP1527588A1 (en) * 2002-07-29 2005-05-04 Philips Intellectual Property & Standards GmbH Security system for apparatuses in a wireless network
EP1387561A1 (en) 2002-07-29 2004-02-04 Fuji Photo Film Co., Ltd. Wireless communication apparatus and imaging apparatus
DE10254747A1 (en) * 2002-07-29 2004-02-19 Philips Intellectual Property & Standards Gmbh Security system for wireless network devices
JP2005535197A (en) * 2002-07-29 2005-11-17 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ Security system for network devices
US7581096B2 (en) 2002-08-30 2009-08-25 Xerox Corporation Method, apparatus, and program product for automatically provisioning secure network elements
US7185199B2 (en) 2002-08-30 2007-02-27 Xerox Corporation Apparatus and methods for providing secured communication
US7027836B2 (en) * 2002-09-10 2006-04-11 Eastman Kodak Company Method and system for establishing a communication network
US20040203590A1 (en) * 2002-09-11 2004-10-14 Koninklijke Philips Electronics N.V. Set-up of wireless consumer electronics device using a learning remote control
US7392375B2 (en) 2002-09-18 2008-06-24 Colligo Networks, Inc. Peer-to-peer authentication for real-time collaboration
US7412229B2 (en) * 2002-10-02 2008-08-12 Nippon Telephone And Telegraph Corporation Sales apparatus and method of transmitting and receiving merchandise information by electric field induced in human body
US6934535B2 (en) * 2002-12-02 2005-08-23 Nokia Corporation Privacy protection in a server
WO2004075169A2 (en) * 2003-02-19 2004-09-02 Koninklijke Philips Electronics, N.V. System for ad hoc sharing of content items between portable devices and interaction methods therefor
KR20030043879A (en) * 2003-05-13 2003-06-02 권순태 Electronic commerce system and method using terminal identification code, digital camera and goods identification code
EP1487224A1 (en) * 2003-06-11 2004-12-15 Sony France S.A. Wireless communication system and method for facilitating wireless communication
US7454619B2 (en) 2003-06-24 2008-11-18 Palo Alto Research Center Incorporated Method, apparatus, and program product for securely presenting situation information
RU2315438C2 (en) * 2003-07-16 2008-01-20 Скайп Лимитед Peer phone system
FR2860668B1 (en) * 2003-10-06 2006-01-06 Valeo Securite Habitacle CURRENT BAUDGE IDENTIFICATION SYSTEM CIRCULATING THROUGH THE BODY TO TWO DETECTION MODES
KR100617671B1 (en) * 2003-12-22 2006-08-28 삼성전자주식회사 High-speed wireless lan system
JP2005197880A (en) * 2004-01-05 2005-07-21 Nec Corp Information distribution system, information distribution method, mobile, server, and information distribution terminal
JP2005303947A (en) * 2004-04-16 2005-10-27 Matsushita Electric Ind Co Ltd Radio communication apparatus and radio communication method
JP4042723B2 (en) 2004-06-01 2008-02-06 ソニー株式会社 Communication system, terminal, and communication method
US7552322B2 (en) * 2004-06-24 2009-06-23 Palo Alto Research Center Incorporated Using a portable security token to facilitate public key certification for devices in a network
JP4670270B2 (en) * 2004-06-28 2011-04-13 ソニー株式会社 Communication system and communication apparatus
US7130998B2 (en) * 2004-10-14 2006-10-31 Palo Alto Research Center, Inc. Using a portable security token to facilitate cross-certification between certification authorities
JP2006180110A (en) 2004-12-21 2006-07-06 Nec Corp Data transmission system, data transmission method, data transmission server, data receiving terminal and data transmitting program
USRE48433E1 (en) 2005-01-27 2021-02-09 The Chamberlain Group, Inc. Method and apparatus to facilitate transmission of an encrypted rolling code
US9148409B2 (en) 2005-06-30 2015-09-29 The Chamberlain Group, Inc. Method and apparatus to facilitate message transmission and reception using different transmission characteristics
US8422667B2 (en) 2005-01-27 2013-04-16 The Chamberlain Group, Inc. Method and apparatus to facilitate transmission of an encrypted rolling code
US20060195695A1 (en) * 2005-02-25 2006-08-31 John Keys Techniques for verification of electronic device pairing
US7577459B2 (en) * 2005-05-11 2009-08-18 Nokia Corporation Establishing a communication link
JP2006332903A (en) * 2005-05-24 2006-12-07 Ntt Docomo Inc Key acquisition apparatus, key providing apparatus, key exchange system, and key exchange method
GB2427101B (en) * 2005-06-10 2008-04-02 Motorola Inc Communication terminal, system and a method for establishing a communication link
GB2427317B (en) * 2005-06-16 2010-05-19 Hewlett Packard Development Co Quantum key distribution apparatus & method
US9191198B2 (en) 2005-06-16 2015-11-17 Hewlett-Packard Development Company, L.P. Method and device using one-time pad data
US7916869B2 (en) 2005-09-01 2011-03-29 Sharp Laboratories Of America, Inc. System and method for automatic setup of a network device with secure network transmission of setup parameters using a standard remote control
US7609837B2 (en) 2005-09-01 2009-10-27 Sharp Laboratories Of America, Inc. System and method for automatic setup of a network device with secure network transmission of setup parameters
DE102005045118B4 (en) * 2005-09-21 2007-08-23 Siemens Ag Registration procedure between participants of a communication system and participants
TW200727609A (en) * 2005-09-27 2007-07-16 Kaba Ag A method and system for the transmission of identification signals
CN101371530B (en) * 2006-01-18 2017-08-29 皇家飞利浦电子股份有限公司 The automatic and safe configuration of wireless medical networks
US20090023391A1 (en) * 2006-02-24 2009-01-22 Koninklijke Philips Electronics N. V. Wireless body sensor network
KR101315079B1 (en) * 2006-05-08 2013-10-08 코닌클리케 필립스 일렉트로닉스 엔.브이. Method of transferring application data from a first device to a second device, and a data transfer system
WO2008015627A1 (en) * 2006-07-31 2008-02-07 Koninklijke Philips Electronics N.V. Method and system for configuring a network and network management device
WO2008015591A1 (en) * 2006-07-31 2008-02-07 Koninklijke Philips Electronics N.V. Method and system for establihing and controlling communication between two communication devices
US7831043B2 (en) 2006-08-27 2010-11-09 International Business Machines Corporation System and method for cryptographically authenticating data items
EP2110000B1 (en) 2006-10-11 2018-12-26 Visteon Global Technologies, Inc. Wireless network selection
US8160494B2 (en) 2007-01-17 2012-04-17 Research In Motion Limited Methods and apparatus for use in switching user account data and operations between two different mobile communication devices
EP1947812B1 (en) * 2007-01-17 2016-10-19 BlackBerry Limited Methods and apparatus for use in switching user account data and operations between two different mobile communication devices
EP2143232B1 (en) 2007-04-05 2016-07-06 International Business Machines Corporation System and method for distribution of credentials
CA2628940A1 (en) * 2007-04-09 2008-10-09 Ajang Bahar Devices, systems and methods for ad hoc wireless communication
US7734181B2 (en) 2007-04-09 2010-06-08 Ajang Bahar Devices, systems and methods for ad hoc wireless communication
JP2008270870A (en) * 2007-04-16 2008-11-06 Sony Corp Communications system, communications apparatus and method, and computer program
US8068607B2 (en) * 2007-07-31 2011-11-29 Ricoh Company, Limited Information processing apparatus and information processing method
US20090233548A1 (en) * 2008-03-13 2009-09-17 Sony Ericsson Mobile Communications Ab Skin-based information transfer between mobile devices
JP2009260554A (en) * 2008-04-15 2009-11-05 Sony Corp Content transmission system, communication device, and content transmission method
JP4894826B2 (en) 2008-07-14 2012-03-14 ソニー株式会社 COMMUNICATION DEVICE, COMMUNICATION SYSTEM, NOTIFICATION METHOD, AND PROGRAM
US8806609B2 (en) * 2011-03-08 2014-08-12 Cisco Technology, Inc. Security for remote access VPN
EP2523417A1 (en) * 2011-05-09 2012-11-14 Kamstrup A/S Paring of devices using an encryption key
CN102957529B (en) * 2011-08-29 2018-02-09 国民技术股份有限公司 Radio frequency safety communication means and system, magnetic communication radio frequency reception/transmission terminal
AT512075A1 (en) * 2011-10-18 2013-05-15 Evva Sicherheitstechnologie METHOD OF ACCESS CONTROL
FR2981823B1 (en) * 2011-10-25 2013-12-27 Continental Automotive France METHOD FOR AUTHENTICATING AN IDENTIFICATION DEVICE AGAINST AN ACTUATOR DEVICE, AND A MOTOR VEHICLE COMPRISING SUCH AN ACTUATOR DEVICE
JP6195344B2 (en) 2012-06-08 2017-09-13 キヤノン株式会社 X-ray imaging system, control method of X-ray imaging system, and program
EP2747040A1 (en) * 2012-12-21 2014-06-25 Gemalto SA Converting communication device
US9307374B2 (en) 2013-06-19 2016-04-05 Globalfoundries Inc. Transferring information on a first mobile computing device to a peer mobile computing device
KR101499894B1 (en) * 2013-11-15 2015-03-06 한국전력기술 주식회사 Unidirectional Data Transfer Device over Ethernet Network
US9351100B2 (en) 2013-12-05 2016-05-24 Sony Corporation Device for control of data transfer in local area network
EP3078157B1 (en) 2013-12-05 2020-04-08 Sony Corporation A wearable device and a method for storing credentials associated with an electronic device in said wearable device
EP3078135B1 (en) * 2013-12-05 2019-12-11 Sony Corporation Pairing consumer electronic devices using a cross-body communications protocol
US9332377B2 (en) 2013-12-05 2016-05-03 Sony Corporation Device and method for control of data transfer in local area network
US9842329B2 (en) 2015-02-13 2017-12-12 Sony Corporation Body area network for secure payment
US10553040B2 (en) * 2016-02-18 2020-02-04 Ford Global Technologies, Llc Method and apparatus for enhanced telematics security through secondary channel
JP6815819B2 (en) * 2016-10-17 2021-01-20 キヤノン株式会社 Radiation equipment, radiography system, radiography method, and program
US10652743B2 (en) 2017-12-21 2020-05-12 The Chamberlain Group, Inc. Security system for a moveable barrier operator
US11074773B1 (en) 2018-06-27 2021-07-27 The Chamberlain Group, Inc. Network-based control of movable barrier operators for autonomous vehicles
US11423717B2 (en) 2018-08-01 2022-08-23 The Chamberlain Group Llc Movable barrier operator and transmitter pairing over a network
US10997810B2 (en) 2019-05-16 2021-05-04 The Chamberlain Group, Inc. In-vehicle transmitter training
CN114697058B (en) * 2020-12-28 2023-08-04 华为技术有限公司 Identity authentication method, electronic equipment and computer readable storage medium

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2254225A (en) * 1991-03-05 1992-09-30 Nat Semiconductor Corp Cordless telephone security coding
EP0756397B1 (en) * 1995-07-28 2003-06-25 Hewlett-Packard Company, A Delaware Corporation System and method for key distribution and authentication between a host and a portable device
US5796827A (en) * 1996-11-14 1998-08-18 International Business Machines Corporation System and method for near-field human-body coupling for encrypted communication with identification cards

Also Published As

Publication number Publication date
CA2296223C (en) 2008-08-12
CA2296223A1 (en) 2000-07-27
EP1024626A1 (en) 2000-08-02
KR100357271B1 (en) 2002-10-18
JP2000224156A (en) 2000-08-11
KR20000057751A (en) 2000-09-25
CN1262563A (en) 2000-08-09

Similar Documents

Publication Publication Date Title
CN1156117C (en) Method, apparatus and communication system for exchanging message in all over environment
CN101083556B (en) Region based layered wireless information publishing, searching and communicating application system
US6424623B1 (en) Virtual queuing system using proximity-based short-range wireless links
KR100943683B1 (en) Method for ensuring data transmission security, communication system and communication device
ATE348457T1 (en) SECURE COMMUNICATION
US20080057990A1 (en) System and method for establishing a wireless connection between wireless devices
US20130182847A1 (en) Communication system, information processing apparatus, method and computer program
US20080089519A1 (en) Secure key exchange algorithm for wireless protocols
EP2301193B1 (en) Method for forming an electronic group
CA2277633A1 (en) Split-key key-agreement protocol
CN101647312A (en) Techniques to increase coverage of push-to-talk wireless networks
CN106031120B (en) Key management
US8032753B2 (en) Server and system for transmitting certificate stored in fixed terminal to mobile terminal and method using the same
US20240040359A1 (en) Systems and methods for secure localized communications in a local communications network
CN103236926A (en) Point-to-point-based data transmission system and data transmission method
US20090040183A1 (en) Response system and method with dynamic personality assignment
US7814212B1 (en) Data delivery system using local and remote communications
CN109074229A (en) The printing of encrypted document is carried out using multiple networks
KR101744868B1 (en) Method and Device for Managing Security Keys
CN113515075A (en) Intelligent control system and method through low-power-consumption long-distance radio frequency wireless network
CN109559113A (en) A kind of transaction system without network communication
JP5758935B2 (en) COMMUNICATION DEVICE, COMMUNICATION SYSTEM, AND COMMUNICATION DEVICE CONTROL METHOD
CN207410378U (en) A kind of mobile terminal
Bosse BeeTS: Smart Distributed Sensor Tuple Spaces combined with Agents using Bluetooth and IP Broadcasting
JP2869720B2 (en) Order management system in restaurants

Legal Events

Date Code Title Description
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C06 Publication
PB01 Publication
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20040630

Termination date: 20100201